Isaca CISA Quiz 23 Topic 1 Questions 111-115

Question: 1

An IT governance body wants to determine whether IT service delivery is based on consistently effective processes. Which of the following is the BEST approach?

AImplement a control self-assessment (CSA).

BDevelop a maturity model.

CConduct a gap analysis.

DEvaluate key performance indicators (KPIs).

Show Answer

Question: 2

Which of the following would be the MOST significant factor when choosing among several backup system alternatives with different restoration speeds?

ARecovery point objective (RPO)

BMean time between failures (MTBFs)

CMaximum tolerable outages (MTOs)

DRecovery time objective (RTO)

Show Answer

Question: 3

Which of the following is MOST important to review when planning for an IS audit of an organization's cross-border data transfers?

ALong-term IS strategy

BPrevious external audit reports

CApplicable regulatory requirements

DOffshore supplier risk assessments

Show Answer

Question: 4

An IS auditor observes that a business-critical application does not currently have any level of fault tolerance Which of the following is the GREATEST concern with this situation?

ASingle point of failure

BLimited tolerance for damage

CDegradation of services

DDecreased mean time between failures (MTBF)

Show Answer

Question: 5

Which of the following is the BEST way to mitigate the risk associated with malicious changes to binary code during the software development life cycle (SDLC)?

AParity check

BDigital envelope

CSegregation of duties

DCryptographic hash

Show Answer

Isaca CISA Quiz:23 Topic:1 Questions:111-115